Security daily (23-02-2021)

Updated whitepaper available: Encrypting File Data with Amazon Elastic File System

We’re sharing an update to the Encrypting File Data with Amazon Elastic File System whitepaper to provide customers with guidance on enforcing encryption of data at rest and in transit in Amazon Elastic File System (Amazon EFS). Amazon EFS provides simple, scalable, highly available, and highly durable shared file systems in the cloud. The file […] (AWS Security Blog)

Analyze and understand IAM role usage with Amazon Detective

In this blog post, we’ll demonstrate how you can use Amazon Detective’s new role session analysis feature to investigate security findings that are tied to the usage of an AWS Identity and Access Management (IAM) role. You’ll learn about how you can use this new role session analysis feature to determine which Amazon Web Services […] (AWS Security Blog)

Keybase secure messaging fixes photo-leaking bug – patch now!

It's a bit like Snapchat all over again - but this bug was quickly fixed. (Naked Security)

SolarWinds Hearing Announced By House Committees

(News ≈ Packet Storm)

Hackers Are Selling Network Logins To The Highest Bidder

(News ≈ Packet Storm)

Bitcoin Blockchain Helps Botnet From Being Taken Down

(News ≈ Packet Storm)

10K Microsoft Email Users Hit In FedEx Phishing Attack

(News ≈ Packet Storm)

Daycare Webcam Service Exposes 12,000 User Accounts  

NurseryCam suspends service across 40 daycare centers until a security fix is in place. (Threatpost)

IBM Squashes Critical Remote Code-Execution Flaw

A critical-severity buffer-overflow flaw that affects IBM Integration Designer could allow remote attackers to execute code. (Threatpost)

Finnish IT Giant Hit with Ransomware Cyberattack

TietoEVRY was forced to shut down services and infrastructure as the company continues to investigate the incident with relevant authorities. (Threatpost)

10K Microsoft Email Users Hit in FedEx Phishing Attack

Microsoft users are receiving emails pretending to be from mail couriers FedEx and DHL Express - but that really steal their credentials. (Threatpost)


/security-daily/ 24-02-2021 23:45:57